Add virtual-mcp-pike-dvr-ssl
The model uses SSL on internal/public endpoints.
Change-Id: I2a38ffdc93c9658bd1fb99c5fca29a0436362e04
Related-Prod: PROD-17943
diff --git a/classes/cluster/virtual-mcp-pike-dvr-ssl/stacklight/client.yml b/classes/cluster/virtual-mcp-pike-dvr-ssl/stacklight/client.yml
new file mode 100644
index 0000000..6417052
--- /dev/null
+++ b/classes/cluster/virtual-mcp-pike-dvr-ssl/stacklight/client.yml
@@ -0,0 +1,18 @@
+classes:
+- system.docker.client
+- system.elasticsearch.client.single
+- system.grafana.client
+- system.grafana.client.datasource.prometheus
+- system.kibana.client.single
+- cluster.virtual-mcp-pike-dvr-ssl
+parameters:
+ _param:
+ # Elasticsearch/Kibana client parameters
+ stacklight_log_address: ${_param:stacklight_monitor_address}
+ # Grafana client parameters
+ grafana_address: ${_param:stacklight_monitor_address}
+ grafana_port: 15013
+ grafana_user: admin
+ grafana_password: ${_param:grafana_admin_password}
+ grafana_prometheus_address: ${_param:stacklight_monitor_address}
+ grafana_prometheus_port: 15016
diff --git a/classes/cluster/virtual-mcp-pike-dvr-ssl/stacklight/init.yml b/classes/cluster/virtual-mcp-pike-dvr-ssl/stacklight/init.yml
new file mode 100644
index 0000000..0b10c03
--- /dev/null
+++ b/classes/cluster/virtual-mcp-pike-dvr-ssl/stacklight/init.yml
@@ -0,0 +1,34 @@
+parameters:
+ _param:
+ prometheus_control_address: ${_param:stacklight_monitor_address}
+ heka_elasticsearch_host: ${_param:stacklight_monitor_address}
+ elasticsearch_port: 9200
+ stacklight_environment: ${_param:cluster_domain}
+ stacklight_notification_topic: stacklight_notifications
+ grafana_admin_password: admin
+ grafana_database_type: mysql
+ grafana_database_host: ${_param:openstack_database_address}
+ grafana_database_password: ${_param:mysql_grafana_password}
+ linux:
+ network:
+ host:
+ mon:
+ address: ${_param:stacklight_monitor_address}
+ names:
+ - mon
+ - mon.${_param:cluster_domain}
+ mon01:
+ address: ${_param:stacklight_monitor_node01_address}
+ names:
+ - mon01
+ - mon01.${_param:cluster_domain}
+ mon02:
+ address: ${_param:stacklight_monitor_node02_address}
+ names:
+ - mon02
+ - mon02.${_param:cluster_domain}
+ mon03:
+ address: ${_param:stacklight_monitor_node03_address}
+ names:
+ - mon03
+ - mon03.${_param:cluster_domain}
diff --git a/classes/cluster/virtual-mcp-pike-dvr-ssl/stacklight/proxy.yml b/classes/cluster/virtual-mcp-pike-dvr-ssl/stacklight/proxy.yml
new file mode 100644
index 0000000..6a71843
--- /dev/null
+++ b/classes/cluster/virtual-mcp-pike-dvr-ssl/stacklight/proxy.yml
@@ -0,0 +1,17 @@
+classes:
+- system.nginx.server.single
+- system.nginx.server.proxy.stacklight.grafana
+- system.nginx.server.proxy.stacklight.kibana
+- system.nginx.server.proxy.monitoring.prometheus_server
+- system.nginx.server.proxy.monitoring.prometheus_alertmanager
+- system.salt.minion.cert.proxy
+- cluster.virtual-mcp-pike-dvr-ssl
+parameters:
+ _param:
+ nginx_proxy_grafana_port: 15013
+ nginx_proxy_ssl:
+ enabled: true
+ authority: ${_param:salt_minion_ca_authority}
+ engine: salt
+ mode: secure
+ salt_minion_ca_host: cfg01.${linux:system:domain}
diff --git a/classes/cluster/virtual-mcp-pike-dvr-ssl/stacklight/server.yml b/classes/cluster/virtual-mcp-pike-dvr-ssl/stacklight/server.yml
new file mode 100644
index 0000000..96f565c
--- /dev/null
+++ b/classes/cluster/virtual-mcp-pike-dvr-ssl/stacklight/server.yml
@@ -0,0 +1,68 @@
+classes:
+- system.docker.host
+- system.linux.system.repo.mcp.apt_mirantis.influxdb
+- system.linux.system.repo.mcp.extra
+- system.linux.system.repo.mcp.apt_mirantis.elastic
+- system.linux.system.repo.mcp.apt_mirantis.kibana
+- system.linux.system.repo.mcp.apt_mirantis.docker
+- system.linux.system.repo.docker
+- system.heka.remote_collector.container
+- system.heka.remote_collector.input.amqp
+- system.heka.remote_collector.output.elasticsearch
+- system.heka.remote_collector.output.telegraf
+- system.elasticsearch.server.cluster
+- system.elasticsearch.server.curator
+- system.kibana.server.single
+- system.haproxy.proxy.listen.stacklight.elasticsearch
+- system.haproxy.proxy.listen.stacklight.kibana
+- system.haproxy.proxy.listen.stacklight.influxdb_relay
+- service.haproxy.proxy.single
+- system.influxdb.relay.cluster
+- system.influxdb.server.single
+- system.influxdb.database.stacklight
+- system.influxdb.database.ceilometer
+- system.keepalived.cluster.instance.prometheus_server_vip
+- system.telegraf.agent.remote
+- system.prometheus.server.remote_write.docker
+- system.prometheus.server.alertmanager.dns
+- system.prometheus.server.target.dns
+- system.docker.swarm.stack.monitoring
+- system.docker.swarm.stack.monitoring.remote_collector
+- system.docker.swarm.stack.dashboard
+- cluster.virtual-mcp-pike-dvr-ssl
+parameters:
+ _param:
+ heka_amqp_host: ${_param:openstack_control_address}
+ kibana_elasticsearch_host: ${_param:stacklight_monitor_address}
+ keepalived_prometheus_vip_address: ${_param:stacklight_monitor_address}
+ keepalived_prometheus_vip_password: 'password'
+ keepalived_prometheus_vip_interface: ens4
+ cluster_vip_address: ${_param:stacklight_monitor_address}
+ cluster_local_address: ${_param:single_address}
+ cluster_elasticsearch_port: 9200
+ cluster_kibana_port: 5601
+ docker_image_alertmanager: docker-prod-virtual.docker.mirantis.net/openstack-docker/alertmanager:latest
+ docker_image_pushgateway: docker-prod-virtual.docker.mirantis.net/openstack-docker/pushgateway:latest
+ docker_image_prometheus: docker-prod-virtual.docker.mirantis.net/openstack-docker/prometheus:latest
+ docker_image_remote_agent: docker-prod-virtual.docker.mirantis.net/openstack-docker/telegraf:latest
+ docker_image_remote_storage_adapter: docker-prod-virtual.docker.mirantis.net/openstack-docker/remote_storage_adapter:latest
+ docker_image_remote_collector: docker-prod-virtual.docker.mirantis.net/openstack-docker/heka:latest
+ docker_image_prometheus_relay: docker-prod-virtual.docker.mirantis.net/openstack-docker/prometheus_relay:latest
+ docker_image_grafana: grafana/grafana:4.5.2
+ influxdb_port: 8086
+ influxdb_admin_password: password
+ influxdb_stacklight_password: lmapass
+ prometheus_influxdb_url: "http://${_param:stacklight_monitor_address}:${_param:influxdb_port}/"
+ prometheus_influxdb_db: lma
+ prometheus_influxdb_username: lma
+ prometheus_influxdb_password: ${_param:influxdb_stacklight_password}
+ remote_collector_telegraf_host: monitoring_remote_agent
+ linux:
+ network:
+ interface:
+ ens4:
+ enabled: true
+ type: eth
+ proto: static
+ address: ${_param:single_address}
+ netmask: 255.255.255.0